QUESTIONS AND
CORRECT ANSWERS
GRADED A+ 2025-2026
DNS Enumeration - ANS-The process of using easily accessible DNS records to map a
target network's internal hosts.
A DNS Record - ANS-Records containing the IP address of the domain.
MX DNS Record - ANS-These records contain the mail exchange servers.
CNAME Records - ANS-These are records used for aliasing domains. CNAME stands for
Canonical Name and links sub-domains with existing DNS records.
SOA Records - ANS-Records that contain important information about the domain such
as the primary name server, a timestamp showing when the domain was last updated
and the party responsible for the domain.
PTR (Pointer) Records - ANS-These records map an IPv4 address to the CNAME on the
host. This record is also called a 'reverse record' because it connects a record with an
IP address to a hostname instead of the other way around.
Whois - ANS-An internet utility program that obtains information about a domain
name or IP number from the database of a domain name registry
, nslookup - ANS-Allows for IP lookups from the domain name.
host - ANS-Can be used to gather DNS information.
Wildcard Domains - ANS-This record will match any request when there is no record
available that explicitly matches that request.
4 DNS enumeration tools - ANS--dnsrecon
-fierce
-dnsenum
-sublist3r
sublist3r - ANS-Allows for DNS enumeration using popular search engines as well as
brute force sub domains with the integrated tool, subbrute.
Email Harvesting - ANS-Collecting company e-mail addresses from multiple sources
that can be used for future attacks.
The Harvester - ANS-Used for scouring several different search engines to find email
addresses.
Host Discovery - ANS-The process of finding live hosts on a network.
netdiscover - ANS-Active ARP reconnaissance tool.
Nmap Stealth Scan - ANS-Nmap stealth scans are stealth because they don't complete
the 3-way handshake.
Null Session - ANS-This is a session that occurs when you use no username or
password. This is a vulnerability in CIFS and SMB.